* Clarify that requestHeaderSize is a cumulative limit
HttpConfiguration documents the requestHeaderSize configuration option
as being a limit on the size of a single request header, but it is in
fact a limit on the cumulative size of all request headers as well as
the request URI. This patch updates the documentation accordingly, and
adds test cases for the HTTP/1.x and HTTP/2 parsers to verify the
behavior.
NB.: the HTTP/3 parser and configuration seem to correctly document this
option as being a global limit on header size.
* Improve requestHeaderSize tests and documentation per review
Signed-off-by: Máté Szabó <mszabo@wikia-inc.com>
* Issue #7277 - Allow `Request.getLocalName()` and `.getLocalPort()` to be overridden (#7316)
* Introduce `HttpConfiguration.setServerAuthority(HostPort)`
to influence `ServletRequest.getServerName()` and `ServletRequest.getServerPort()`
* Introduce `HttpConfiguration.setLocalAddress(SocketAddress)`
to influence `ServletRequest.getLocalName()`, `ServletRequest.getLocalPort()`, and `ServletRequest.getLocalAddr()`
* Correcting Request URI logic on abs-uri without authority
* Adding test cases
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #6973 - Setup Request/Response objects for success with RequestLog
+ Prevents reading of Request body parameters
+ Still allows raw Request.getInputStream() and
Request.getReader() usage
+ Restores committed response status code.
+ Does not rest committed response headers.
+ Adding testcase for post-commit response header
issue. (currently disabled)
+ Remove Request.onRequestLog()
+ Move requestlog calling from HttpChannel to Request.onCompleted
+ address scenario where HttpChannel is null
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
- Made HttpChannelOverHTTP3.needContent() to look for content if none is immediately available.
- Improved javadocs.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
- Made BlockingContentProducer.onContentProducible() idempotent by checking if the input
is unready before releasing the semaphore.
This is necessary because HTTP/3 will call onContentProducible() just after receiving the request,
while other protocols assume that content is producible and only call onContentProducible()
when they read all the available content.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
- WebSocket should user server ByteBufferPool if possible
- fix various bugs ByteBufferPool implementations
- add heuristic for maxHeapMemory and maxDirectMemory
- Add dump for ByteBufferPools
- add LogArrayByteBufferPool that does exponential scaling of bucket size.
- ByteBufferPools should default to use maxMemory heuristic
- Add module jetty-bytebufferpool-logarithmic
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
Changed order of entries in module-info.java to be canonical
(cherry picked from commit 02691171d5)
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Fix#6883 relative welcome redirect (#6886)
Fix#6883 relative welcome redirect
+ make all redirects able to be relative
+ added test for relative redirection in ResourceService
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Fix#6860 IPv6 format by adding an extensible HttpChannel method
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Lachlan Roberts <lachlan@webtide.com>
* Issue #6497 - Replace the Alias checkers with new implementation.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Lachlan Roberts <lachlan@webtide.com>
DefaultSessionCache is designed to be extended, by virtue of its protected session map. Subclasses can set their own map instance instead. However the session map is specified as ConcurrentHashMap, when it only needs to be ConcurrentMap.
Changed data type to ConcurrentMap to allow for wider options for subclasses, such as those wanted to use Caffeine's asMap() method which returns ConcurrentMap.
Although changing to even more relaxed Map would work, that does not provide as much clarity that the map will be used concurrently - therefore used ConcurrentMap instead.
Signed-off-by: Padraic Renaghan <padraic@renaghan.com>
* #6605 testEmptyBufferKnown: make sure the assertion does not happen before the committed flag is read
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
* #6605 rename test
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
Issue #5684 - Window's test overhaul
+ Migrate from @DisabledOnOs(WINDOWS) to assumptions on capabilities instead.
+ Fix other outstanding windows testing issues.
+ Cleanup FileBufferedResponseHandlerTest expectations on Windows.
+ PathWatcher scan interval is variable on windows
+ If unable to start testcase based on assumption,
the stop shouldn't fail testcase
+ Increase various wait timeouts
+ Make tests less strict due to system speed issues
+ Disable Sni tests due to TLS behaviors differences in Windows
+ Windows TLSv1.3 seems to introduce this difference
+ If we restrict to TLSv1.2 this passes.
+ On Linux TLSv.13 on client side will always return a
+ javax.net.ssl.SSLHandshakeException in those test cases that expect it.
+ However, on Windows, Only the TLSv1.2 implementation will return a javax.net.ssl.SSLHandshakeException,
+ All other TLS versions on Windows will result in a
+ javax.net.ssl.SSLException: Software caused connection abort: recv failed
+ Disable ConcurrentStreamCreationTest
+ Not possible to create all of these streams.
+ Fixing DeploymentTempDirTest
+ Using unique workdir per testcase.
+ Don't expect to delete files / directories between tests
(not supported on windows due to file locking anyway)
+ Fixing line ending difference on windows
+ InvalidPathException is a 404 Not Found
+ Cannot reuse test directory between runs due to memory mapped files that are still in use from previous run.
+ java.nio.file.FileSystemException: C:\code\jetty.project\jetty-webapp\target\tests\welcome#\index.html: The requested operation cannot be performed on a file with a user-mapped section open.
at java.base/sun.nio.fs.WindowsException.translateToIOException(WindowsException.java:92)
at java.base/sun.nio.fs.WindowsException.rethrowAsIOException(WindowsException.java:103)
at java.base/sun.nio.fs.WindowsException.rethrowAsIOException(WindowsException.java:108)
at java.base/sun.nio.fs.WindowsFileSystemProvider.newByteChannel(WindowsFileSystemProvider.java:235)
at java.base/java.nio.file.spi.FileSystemProvider.newOutputStream(FileSystemProvider.java:478)
at java.base/java.nio.file.Files.newOutputStream(Files.java:220)
at org.eclipse.jetty.webapp/org.eclipse.jetty.webapp.WebAppDefaultServletTest.prepareServer(WebAppDefaultServletTest.java:84)
+ As is typical on windows, we are often unable to delete a file due to file locking issues.
+ Use a unique resource base between tests.
This is to avoid file locking behaviors that prevent the
resource base from being reused too quickly on windows.
+ Prevent test run if symlinks not supported
+ Allowing for Windows slosh char as well in asserts
+ SelectorUtils is File.separator dependent
+ Regex is now FS.separator independent
+ Using SelectorUtils from plexus correctly for include/exclude
+ Turning off mapped files for testing reasons.
+ Fix and re-enable RFC2616NIOHttpsTest
+ Issue #6552 - Fix test failures due to slf4j dep
+ Issue #6552 - upgrade testcontainers
+ Issue #6552 - move to assumption based docker existence
+ Issue #6552 - Fix enforcer rule violation on jna.
Addresses the following side effect of upgrading testcontainers.
[WARNING] Rule 3: org.apache.maven.plugins.enforcer.RequireUpperBoundDeps failed with message:
Failed while enforcing RequireUpperBoundDeps. The error(s) are [
Require upper bound dependencies error for net.java.dev.jna:jna:5.6.0 paths to dependency are:
+-org.eclipse.jetty:infinispan-remote-query:10.0.7-SNAPSHOT
+-org.testcontainers:testcontainers:1.16.0
+-com.github.docker-java:docker-java-transport-zerodep:3.2.11
+-net.java.dev.jna:jna:5.6.0 (managed) <-- net.java.dev.jna:jna:5.8.0
+ use annotation to disable test when docker not available and needed
+ Disabling FileSessionDistributionTests.stopRestartWebappTestSessionContentSaved on Windows
+ Using TLS basic
+ Programmatic removal of memory mapped behavior during testing
+ Fixing slf4j warning
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: Olivier Lamy <oliver.lamy@gmail.com>
Fixed occurrences of Callbacks that did not override getInvocationType() to properly declare whether they block or not.
Added test case for blocking writes for both client and server.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 9897c1b06e)
Fixes#6043 - Reimplement UnixSocket support based on Java 16.
* Introduced new module "jetty-server-unixdomain".
It uses reflection to access the Java 16 Unix-Domain classes to keep compatibility with the other modules and the build.
* Added Jetty module with only HTTP/1.1 support for now (requires review of the modules to reuse them with various connectors).
* Updated documentation to mention UnixDomainServerConnector.
* Updated client libraries to support Unix-Domain.
* Updated PROXY protocol implementation to support Unix-Domain.
* Replaced unix.socket.tmp with better named jetty.unixdomain.dir property.
Defaulted jetty.unixdomain.dir property to system property user.home under Windows.
Simplified code that runs Unix-Domain tests.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Fixes#6562 the last written bytebuffer calculation.
Also fixed an associated issue with unnecessary flush of an empty when last calculation already signalled last.
Fix#6565 Deploy Symlinked applications by treating extracting context name (which becomes the default context path) from the base resource and then following aliases, so that base resource will not be an alias. Added warning in ContextHandler if the base resource is an alias that we may not support this in future releases.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
+ Updating tests to ensure that output is xml verified
+ Updating output to use `<hr>` element properly.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Issue #6473 - canonicalPath refactor & fix alias check in PathResource
* Reverted %-escape handling for URI query parts.
* Performing canonicalization in ServletContext.getResource(),
and improving alias checking in ContextHandler.getResource().
* Performing canonicalization checks in Resource.addPath() to avoid
navigation above of the root.
* Test added and fixed.
* Various cleanups.
* Improved javadoc and comments
* Compliance mode HttpURI uses UriCompliance.Violation
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
* Fixes#6410 - Use SocketAddress instead of InetSocketAddress.
Removed usages of InetSocketAddress in method signatures where possible.
Deprecated old methods, and added new methods with SocketAddress.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Reworked the total timeout handling.
* Now a CyclicTimeouts handles the exchanges in each HttpDestination,
and a CyclicTimeouts handles the exchanges in each HttpConnection
(rather than in HttpChannel).
* Now adjusting the total timeout for copied requests generated by
redirects and authentication.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 2e7d17400f)
* Remove WebSocketComponents & HouseKeeper on Server restart.
* Add testing for cleanup of websocket when stopping server.
* Add removeFilterHolder and removeFilterMapping methods on ServletHandler.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
* Fixes#5306 - Default jetty.*.acceptors should be 1.
Changed the acceptor default to 1, with -1 calculating a value based on the number of cores.
Updated documentation.
Fixed a glitch in ManagedSelector.getMaxSelectedKeys() to return long, not double.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Updated the logic in SslContextFactory.Server.sniSelect(...) to check if there is
any certificate that matches, and if so return a null alias in the hope to be called
again and pick the right alias for the SNI.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 68296911b7)
Fix#6227 Async timeout dispatch race
Only allow the thread calling onTimeout to call dispatch and complete once timeout has expired.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
FileBufferedResponseHandler adds an HttpOutput.Interceptor to buffer all responses into a file until the output is closed. This allows the commit to be delayed until the response is complete and thus headers and response status can be changed while writing the body.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Moved recording of bytes to fillRequestBuffer(),
so they are accounted also for async reads.
Added test case.
Fixed test that was too strictly comparing HttpConnection.bytesIn,
that now report a correct, but larger value.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit aed20abcbe)
* Fixes for #5684
Simplified CyclicTimeoutTest#testBusy
InclusiveByteRange clears range list on errors
InclusiveByteRange is forgiving of tab separators and leading 0s
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Added `before` section to a module to control ordering
rename `options` section to `after`
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
* add an easy way to configure useInputDirectByteBuffers/useOutputDirectByteBuffers for HttpConfiguration
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
Fix#5835 Durable filters and servlets with a general ServletHandler cleanup
update indexes after updating mapping
update mappings/indexes before destroyed listeners
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Now matching certificates are sorted, non-wildcard first, so that a more specific alias is returned.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Fix#4275 separate compliance modes for ambiguous URI segments and separators
default modes allows both ambiguous separators and segments, but still forbids ambiguous parameters
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* More optional etag gzip fixes for #5979
IF no separator defined, do not add a suffix to an etag.
Some cleanup of the implementation.
* More optional etag gzip fixes for #5979
updates from review
* Fix#5979 by allowing a configurable etag separator.
Fix#5979 by allowing a configurable etag separator
* updates from review
* Updates from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Handle URIs by first resolving relative paths and then decoding.
Added compliance mode to return 400 if there are ambiguous path segments.
Signed-off-by: Greg Wilkins <gregw@webtide.com>